Prior to the conference, we had the opportunity to chat with Mark Barwinski, Global Head of Cyber Operations at UBS AG in Zurich, Switzerland, who shared his insights on how to build a culture of security and the biggest obstacle for cyber security practitioners in the years to come. Read his full interview below.
At UBS, Mark Barwinski was responsible for the strategy and transformation of the Security Operations Center, driving the development of cyber capabilities through organically developed supervised machine learning and artificial intelligence-enabled tools. Mark also served as the Global Head of Cyber Protection and Detection at Siemens in Munich, Germany, as well as a variety of advising roles as a CISO and Cyber Security Director at PwC Switzerland.
Mark was delivering a panel discussion on the topic of “New approaches for an evolving threat landscape in the financial services industry” together with Steve Brown, Director, Cyber Security & Resilience, Cyber & Intelligence Solutions at Mastercard, Jamie Collier, Senior Threat Intelligence Advisor at Mandiant, and Christian Ulmer, Global CISO at Avaloq at the Global Cyber Conference 2022.
What is the number one challenge to a secure digital transformation in cyber security?
I believe the number one challenge is not technical but rather human. We face challenges transforming our teams into high-performing teams able to manage change and uncertainty in high-stress and ever-evolving environments. Strong inspiring leadership is a must.
How can security leaders better help their organizations build a strong culture of security?
Too many fantastic “PowerPoint” strategies are met with significant real-world challenges. We must not overlook the human aspect. How do we inspire teams, and connect and develop them? How do we establish credibility and trust, and support our businesses to thrive?
All of these points are fundamental to driving an organization forward. However, developing strong security-focused cultures necessitate persistent attention and federated engagement to ensure security is ubiquitously present across the enterprise as a trusted enabled partner.
What are the most common misconceptions that you believe businesses have about cyber security?
I believe organizations consistently underestimate the disruptive effects of high-turnover security teams and make a mistake in viewing this as “business as usual “. Maintaining inspired and engaged teams requires business commitment.
More broadly, cyber security is not about technology as much as it is about people. Seldomly, are we faced with insurmountable technological challenges, but much more often we are faced with cultural challenges which prevent us from reaching our goals.
What do you foresee will be the biggest obstacle for security leaders and practitioners to overcome in 2023 and the years ahead?
In 2023, matured leadership able to drive strategies successfully and transform culture in uncertain times will be a key differentiator.
However, we will likely see increased uncertainty partly driven by an evolving threat landscape in the midst of a cyber Cold War, geopolitical turmoil, and commercial cost optimization initiatives as we navigate economic recessionary pressures.